Data security is an important characteristic of a computer network. Many methods can be employed to protect data stored on the computer network. Some of these methods use encryption and decryption, in hardware and software, to protect important data. Additional methods are employed on the computer network server and are applied to the operating system, the motherboard, the basic input/output system (BIOS), security controllers, secure storage and secure processors. Typically, each of these security features may involve a security key to establish a trust relationship. For example, a trust relationship can exist between the platform owner and the platform firmware, the operating system and the platform firmware, the client and the server platform, the secure data of media and the platform owner, etc. Establishing the trust relationship can be accomplished using symmetric and asymmetric cryptographic keys, digital signature certificates, and new objects to enroll, delete, or clear a key. The security key of each of the security features above has its own capability, a unique name, and a special location from which it is saved and retrieved, in order to protect the server platform from malicious software attack. Each of these security features also has different characteristics, policies and software protocols for data, message, and owner authentication.
To manage these different kinds of security keys more efficiently for a rack server system, a key management server can be used to centralize the security keys for multiple rack servers in a data center. The key management server can deliver the appropriate security keys to the rack servers. The server platform can communicate with the key management server using a secure protocol or secure firmware and hardware when under attack by a virus or malicious software. One communication protocol is the key management interoperability protocol (KMIP), which can be used between the key management server and an encryption server, but it typically executes only under the operating system layer. Unfortunately, a malicious software application may reside behind the operating system kernel and retrieve a security key with false certification, then use the security key to enter the server and cause damage.